$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer File: 23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer (raw, json) Hash identifier: h6mDjhdjJFDRw/y3DUT9Em0e2cIpqEC0vDNTKn5qMJ8= Subject key identifier: 23:BE:8C:EA:61:94:06:F9:D8:60:B1:F9:7E:E8:F7:ED:77:E8:EE:7C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 69484021C745C498369CD27603D86EB1791E8110 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.mft caRepository: rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 22 Oct 2024 04:02:32 +0000 Certificate not after: Tue 21 Oct 2025 04:07:32 +0000 Subordinate resources: IP: 160.20.250.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:48:40:21:c7:45:c4:98:36:9c:d2:76:03:d8:6e:b1:79:1e:81:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 22 04:02:32 2024 GMT Not After : Oct 21 04:07:32 2025 GMT Subject: CN=23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:8c:20:3c:be:fd:3a:1f:0b:a7:75:88:52:09: 05:8e:8c:e2:6a:d0:16:c7:1f:9b:a0:07:8d:7a:c4: 09:4c:74:1d:7a:ee:d4:32:ee:00:69:69:d5:f8:cc: d1:47:bf:54:71:65:90:c1:57:98:7a:64:ff:ec:08: e3:32:6d:ae:1c:ba:35:0c:e0:3e:a9:dd:a0:84:90: 8b:5d:cd:fb:8a:6d:7a:8a:29:64:1c:b9:d0:d6:f0: 8a:9d:45:79:b3:97:07:e1:67:ed:db:7f:2f:28:e1: bf:90:e4:04:5a:b0:23:5e:1d:de:54:ed:74:f4:97: c3:66:12:3c:a7:90:72:78:c8:81:a2:8e:75:4a:db: ec:79:53:58:7d:bc:25:d5:f5:1b:10:64:49:e3:e9: d1:f7:66:ba:63:0c:b6:f4:ff:a9:66:78:fe:cd:96: f1:af:ba:be:2c:c0:37:4d:59:22:e4:70:b1:aa:77: 87:f8:af:0e:12:88:79:d4:11:32:79:18:1a:0e:30: f9:f5:ca:cd:a5:99:af:99:ab:59:c4:a1:33:dd:80: fe:05:72:e3:e9:3b:b6:a4:e7:cd:9e:f7:b9:a1:4c: e6:69:c7:82:df:08:2b:e2:30:37:ad:62:6a:97:55: 95:42:c2:14:b9:21:62:81:c6:a5:d8:84:5c:6e:d3: 19:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 23:BE:8C:EA:61:94:06:F9:D8:60:B1:F9:7E:E8:F7:ED:77:E8:EE:7C X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.250.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:59:b5:3e:f9:ea:9e:84:2f:ea:20:b3:15:f8:25:b5:82:98: 14:e4:7f:2b:cb:52:26:1c:ab:b5:b7:95:2f:e0:e5:ee:3b:73: 5a:20:8e:4b:10:9d:4e:4d:c5:4b:a5:0f:41:32:73:41:e1:2c: f7:b9:6b:a3:14:38:e5:dd:41:3a:4e:1c:e8:39:6d:ac:bc:b7: 3e:41:b4:59:19:20:a5:9e:be:3c:b0:d3:9b:07:9f:4d:b8:49: 2e:4d:c0:f3:b3:fa:08:a9:b1:4b:5c:f8:bd:bb:e2:7a:b1:02: a9:33:3f:d4:51:6f:dd:96:93:db:99:0c:5f:59:82:8e:85:c6: 65:ac:3f:2e:32:b9:03:58:78:52:fb:e3:40:33:68:02:3d:1f: a2:2c:e7:46:a4:bc:4f:6d:7e:9d:00:3b:a0:61:fb:67:8a:c6: 9a:06:80:d7:7c:43:c3:45:37:b7:53:85:b4:19:c1:1b:0f:a8: aa:36:17:74:cb:d3:57:eb:a2:ff:54:15:b1:3d:cf:61:1d:02: 8b:80:61:fe:f5:d2:b5:11:9a:89:35:98:da:e9:f9:2d:3b:6f: 82:eb:bd:7b:57:9a:b7:7d:1c:78:3a:49:ab:e2:01:12:a2:ad: c9:ae:b3:7f:f5:00:19:1b:02:da:9d:cd:36:1d:79:2c:5c:55: 52:4c:cf:05 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUaUhAIcdFxJg2nNJ2A9husXkegRAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MTAyMjA0MDIzMloX DTI1MTAyMTA0MDczMlowMzExMC8GA1UEAxMoMjNCRThDRUE2MTk0MDZGOUQ4NjBC MUY5N0VFOEY3RUQ3N0U4RUU3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKCMIDy+/TofC6d1iFIJBY6M4mrQFscfm6AHjXrECUx0HXru1DLuAGlp1fjM 0Ue/VHFlkMFXmHpk/+wI4zJtrhy6NQzgPqndoISQi13N+4pteoopZBy50Nbwip1F ebOXB+Fn7dt/Lyjhv5DkBFqwI14d3lTtdPSXw2YSPKeQcnjIgaKOdUrb7HlTWH28 JdX1GxBkSePp0fdmumMMtvT/qWZ4/s2W8a+6vizAN01ZIuRwsap3h/ivDhKIedQR MnkYGg4w+fXKzaWZr5mrWcShM92A/gVy4+k7tqTnzZ73uaFM5mnHgt8IK+IwN61i apdVlULCFLkhYoHGpdiEXG7TGVcCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCO+jOphlAb52GCx+X7o9+136O58MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYmVkNmRjNC1kMzhiLTQ0YmEtOWYwYi00Mjg0NTViMjc2ZWUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiZWQ2ZGM0 LWQzOGItNDRiYS05ZjBiLTQyODQ1NWIyNzZlZS8wLzIzQkU4Q0VBNjE5NDA2RjlE ODYwQjFGOTdFRThGN0VENzdFOEVFN0MubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFPowDQYJKoZIhvcNAQELBQADggEBADtZtT756p6EL+ogsxX4JbWCmBTkfyvL UiYcq7W3lS/g5e47c1ogjksQnU5NxUulD0Eyc0HhLPe5a6MUOOXdQTpOHOg5bay8 tz5BtFkZIKWevjyw05sHn024SS5NwPOz+gipsUtc+L274nqxAqkzP9RRb92Wk9uZ DF9Zgo6FxmWsPy4yuQNYeFL740AzaAI9H6Is50akvE9tfp0AO6Bh+2eKxpoGgNd8 Q8NFN7dThbQZwRsPqKo2F3TL01frov9UFbE9z2EdAouAYf710rURmok1mNrp+S07 b4LrvXtXmrd9HHg6SaviARKircmus3/1ABkbAtqdzTYdeSxcVVJMzwU= -----END CERTIFICATE-----Generated at Wed Nov 20 06:21:50 2024 by rpki-client on console-ams.rpki-client.org